diff options
author | OpenShift Bot <eparis+openshiftbot@redhat.com> | 2017-05-23 20:20:41 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-05-23 20:20:41 -0500 |
commit | f4061b9ad327ddd294b16285462c5bdde10945a6 (patch) | |
tree | e7e1d824f9d81b1db34a02c1bb32eb245fac9c9c /roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 | |
parent | dc9786a20225e970edf45daf2038e419f2fe7802 (diff) | |
parent | 68f8a50abc0acd3005dbd98d0e7964bcf7900e26 (diff) | |
download | openshift-f4061b9ad327ddd294b16285462c5bdde10945a6.tar.gz openshift-f4061b9ad327ddd294b16285462c5bdde10945a6.tar.bz2 openshift-f4061b9ad327ddd294b16285462c5bdde10945a6.tar.xz openshift-f4061b9ad327ddd294b16285462c5bdde10945a6.zip |
Merge pull request #3509 from ewolinetz/logging_component_subroles
Merged by openshift-bot
Diffstat (limited to 'roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2')
-rw-r--r-- | roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 new file mode 100644 index 000000000..681f5a7e6 --- /dev/null +++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 @@ -0,0 +1,81 @@ +cluster: + name: ${CLUSTER_NAME} + +script: + inline: on + indexed: on + +index: + number_of_shards: {{ es_number_of_shards | default ('1') }} + number_of_replicas: {{ es_number_of_replicas | default ('0') }} + unassigned.node_left.delayed_timeout: 2m + translog: + flush_threshold_size: 256mb + flush_threshold_period: 5m + +node: + master: ${IS_MASTER} + data: ${HAS_DATA} + +network: + host: 0.0.0.0 + +cloud: + kubernetes: + service: ${SERVICE_DNS} + namespace: ${NAMESPACE} + +discovery: + type: kubernetes + zen.ping.multicast.enabled: false + zen.minimum_master_nodes: ${NODE_QUORUM} + +gateway: + recover_after_nodes: ${NODE_QUORUM} + expected_nodes: ${RECOVER_EXPECTED_NODES} + recover_after_time: ${RECOVER_AFTER_TIME} + +io.fabric8.elasticsearch.authentication.users: ["system.logging.kibana", "system.logging.fluentd", "system.logging.curator", "system.admin"] +io.fabric8.elasticsearch.kibana.mapping.app: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json +io.fabric8.elasticsearch.kibana.mapping.ops: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json + +openshift.config: + use_common_data_model: true + project_index_prefix: "project" + time_field_name: "@timestamp" + +openshift.searchguard: + keystore.path: /etc/elasticsearch/secret/admin.jks + truststore.path: /etc/elasticsearch/secret/searchguard.truststore + +openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default (false)}} + +path: + data: /elasticsearch/persistent/${CLUSTER_NAME}/data + logs: /elasticsearch/${CLUSTER_NAME}/logs + work: /elasticsearch/${CLUSTER_NAME}/work + scripts: /elasticsearch/${CLUSTER_NAME}/scripts + +searchguard: + authcz.admin_dn: + - CN=system.admin,OU=OpenShift,O=Logging + config_index_name: ".searchguard.${HOSTNAME}" + ssl: + transport: + enabled: true + enforce_hostname_verification: false + keystore_type: JKS + keystore_filepath: /etc/elasticsearch/secret/searchguard.key + keystore_password: kspass + truststore_type: JKS + truststore_filepath: /etc/elasticsearch/secret/searchguard.truststore + truststore_password: tspass + http: + enabled: true + keystore_type: JKS + keystore_filepath: /etc/elasticsearch/secret/key + keystore_password: kspass + clientauth_mode: OPTIONAL + truststore_type: JKS + truststore_filepath: /etc/elasticsearch/secret/truststore + truststore_password: tspass |